Service Description

Business that conduct regular audits pay less on compliance than those that don't. That may sound counter-intuitive, but an efficient compliance programme is more cost-effective than one that is reactive.

Then there is the cost of non-compliance, which includes potential fines and cost associated with incidents, data loss, compensation, and getting your business back to standard operations. The cost of non-compliance differs from industry to industry, but all studies conclusively show that whatever industry you operate in, the cost of doing nothing is far more than investing in a compliance and security programme.

How We Can Help

Each business will be on a different stage of the journey, so the first step is knowing actually how far along you are. This is what the health check from UKGDPR is for. Depending on the size, maturity, and industry, we have three levels that will suit most companies.

Pricing

Bronze

£1,450

For smaller organisations that do a lot of the internal work themselves, this level gives insights into their level of compliance and maturity using electronic questionnaires that are manually assessed by UKGDPR.

Silver

£4,950

Includes a comprehensive paper based review, and number of telephone interviews and questionnaires are used to collect a full picture of not just what you have in place, but what is actually being used and is effective.

Gold

£Call

A comprehensive review by UKGDPR will cover everything in the other levels, and include a detailed onsite audit
‍

Gold

You may have accomplished a number of initiatives, but still have concerns that you have gaps where you are not certain of your level of compliance, potentially leaving you open to unknown risks in the case of a breach or audit.

A comprehensive review by UKGDPR will cover everything in the lower levels, plus;

The completeness of your asset and data inventory
Identified lawful basis of processing
Cyber security resilience
The quality of record keeping under article 30
Governance and Accountability
Effectiveness of training
Existence and completeness of Controller/Processor contracts

Deliverables

A detailed report showing all areas covered with their maturity level, including an Executive Summary for the board, which can also be delivered by UKGDPR consultants.

Silver

At this level, a comprehensive paper based review, and number of telephone interviews and questionnaires are used to collect a full picture of not just what you have in place, but what is actually being used and is effective.
‍

Interviews with key members of the IT and compliance team
Review and comment on your DPIA methodology
Review and comment on your key policies, e.g. Privacy Policy, Data Protection, Breach Notification, Password
Review of your cyber security strategy
Review and comment on your Data Processor Agreements

Deliverables

A full report identifying your current maturity level, and containing detailed recommendations, including an Executive Summary for the Board

Bronze

Assessment of compliance policies and tools in place
Security controls assessment
GAP analysis against minimum compliance levels

Deliverables

A report showing your maturity level against the fundamental compliance controls. GAP analysis and recommendations

We're a group of privacy and security consultants with experienced GDPR practitioners and Data Protection Officers. We look forward to helping you align your company goals with appropriate and adequate organisational and technical measures.

Services Data Inventory & Article 30 Compliance Cyber Security & Article 32 Compliance Data Flow Mapping Health Check & Compliance Audit Training & Workshops Data Protection Impact Assessment Outsourced DPO Procedures & Policies

Home About Us Privacy Policy

Contact